Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/QcFEfu14qMMAF0y9A1XS3R61KJE.roa
File: QcFEfu14qMMAF0y9A1XS3R61KJE.roa (raw, json)
Hash identifier: uT1GgOx4xu79Jf2lNb3ZwUnM+t9C/guKeWX2d+eCuX4=
Subject key identifier: 41:C1:44:7E:ED:78:A8:C3:00:17:4C:BD:03:55:D2:DD:1E:B5:28:91
Certificate issuer: /CN=1474b6fc67b6b90db311c61fc0e3a9c752833c56
Certificate serial: 01856CC16A788A215616B422A2D0314B9E87
Authority key identifier: 14:74:B6:FC:67:B6:B9:0D:B3:11:C6:1F:C0:E3:A9:C7:52:83:3C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/QcFEfu14qMMAF0y9A1XS3R61KJE.roa
Signing time: Sun 01 Jan 2023 09:54:53 +0000
ROA not before: Sun 01 Jan 2023 09:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43905
IP address blocks: 185.127.180.0/24 maxlen: 24
185.127.181.0/24 maxlen: 24
185.127.183.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:6a:78:8a:21:56:16:b4:22:a2:d0:31:4b:9e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1474b6fc67b6b90db311c61fc0e3a9c752833c56
Validity
Not Before: Jan 1 09:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41c1447eed78a8c300174cbd0355d2dd1eb52891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ed:5b:af:06:cf:5c:99:b7:2d:8c:6e:c9:41:
c8:03:c4:f2:b9:b2:94:38:9f:be:09:c1:b6:6c:81:
5e:1e:38:70:5e:6a:e2:1d:58:1e:34:6b:9c:19:14:
c1:d0:b6:c7:f5:48:8f:72:da:42:94:4c:34:a8:e8:
76:c7:6d:e0:7f:2b:fc:39:43:fe:66:d7:ff:8d:4f:
99:31:d7:60:b3:a6:4c:21:98:da:17:7e:0f:81:7a:
b2:8a:3f:da:4d:e3:65:60:f0:88:4f:4d:e5:60:24:
97:40:e2:b7:6b:40:06:47:e9:30:d6:17:07:a7:72:
a0:f6:8b:b5:ed:95:39:16:00:df:9b:98:92:7f:14:
5d:3c:66:1e:8b:55:61:a1:be:b5:dd:4f:00:d0:6d:
ba:6f:25:5d:3e:b6:51:88:16:62:67:f9:25:9a:0d:
60:f8:9e:65:e3:03:e4:1c:32:53:00:cf:bd:22:88:
7a:00:9e:e3:78:c1:9f:c3:a7:b4:84:d8:39:12:d9:
03:84:25:ef:70:04:08:5b:1e:b1:1b:4f:19:9b:e1:
6c:ed:29:cc:fb:d9:b9:44:6e:7b:70:9f:36:ef:13:
82:bb:7b:2a:cb:ab:ba:d3:d2:9c:19:19:9b:cd:5b:
0e:da:ed:43:c5:a5:51:53:be:47:c7:72:33:19:95:
9e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C1:44:7E:ED:78:A8:C3:00:17:4C:BD:03:55:D2:DD:1E:B5:28:91
X509v3 Authority Key Identifier:
keyid:14:74:B6:FC:67:B6:B9:0D:B3:11:C6:1F:C0:E3:A9:C7:52:83:3C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/QcFEfu14qMMAF0y9A1XS3R61KJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.180.0/23
185.127.183.0/24
Signature Algorithm: sha256WithRSAEncryption
98:ad:f5:57:e3:79:37:3d:1f:b4:94:9b:57:48:a5:7d:96:6d:
31:9b:9e:7c:94:91:51:ab:59:f2:51:75:7b:62:c5:fc:ea:f9:
23:25:0a:b1:d6:6a:24:74:d7:c2:f5:6c:93:9c:69:7e:45:a5:
a1:7b:b9:0e:21:38:12:05:69:fd:9c:ed:10:b4:b9:46:cc:d5:
36:b1:a6:29:a2:9d:b8:1b:26:d8:5c:dd:61:56:85:08:1b:ad:
40:72:1c:c0:7f:f8:58:2c:8f:49:10:a9:e1:85:3a:3b:42:9c:
39:f5:a6:bf:84:d0:7c:2f:6f:43:a9:8e:23:a5:bb:77:fa:62:
54:0c:1d:87:db:45:ad:56:40:92:83:bb:c5:72:a5:db:06:0e:
12:4e:de:5b:31:87:86:6f:8e:70:bd:dc:e2:d9:a5:64:65:29:
90:ea:05:40:76:dc:ac:dc:41:83:98:81:5d:20:4e:20:ac:5c:
a2:05:24:b3:9d:3b:64:b5:68:3f:06:5b:a3:7b:ed:72:9e:aa:
58:1f:e1:60:6e:8f:5c:74:f5:55:ff:65:96:61:51:6e:d8:6d:
c5:41:c0:03:0a:9a:17:59:e7:de:6d:5f:89:01:c3:a0:fa:67:
51:39:67:b0:bf:23:0a:17:9e:5e:cf:9d:84:28:a7:01:9a:2c:
45:02:74:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVswWp4iiFWFrQiotAxS56HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NzRiNmZjNjdiNmI5MGRiMzExYzYxZmMwZTNhOWM3NTI4
MzNjNTYwHhcNMjMwMTAxMDk1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWMxNDQ3ZWVkNzhhOGMzMDAxNzRjYmQwMzU1ZDJkZDFlYjUyODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzu1brwbPXJm3LYxuyUHIA8TyubKU
OJ++CcG2bIFeHjhwXmriHVgeNGucGRTB0LbH9UiPctpClEw0qOh2x23gfyv8OUP+
Ztf/jU+ZMddgs6ZMIZjaF34PgXqyij/aTeNlYPCIT03lYCSXQOK3a0AGR+kw1hcH
p3Kg9ou17ZU5FgDfm5iSfxRdPGYei1Vhob613U8A0G26byVdPrZRiBZiZ/klmg1g
+J5l4wPkHDJTAM+9Ioh6AJ7jeMGfw6e0hNg5EtkDhCXvcAQIWx6xG08Zm+Fs7SnM
+9m5RG57cJ827xOCu3sqy6u609KcGRmbzVsO2u1DxaVRU75Hx3IzGZWegQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEHBRH7teKjDABdMvQNV0t0etSiRMB8GA1UdIwQY
MBaAFBR0tvxntrkNsxHGH8DjqcdSgzxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkhTMl9HZTJ1UTJ6RWNZZndPT3B4MUtEUEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iMWI0MWQtZDg4Ni00NDJhLTk1MjQt
OGM1NmQ4ZmUxN2I1LzEvUWNGRWZ1MTRxTU1BRjB5OUExWFMzUjYxS0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iMWI0MWQtZDg4Ni00NDJhLTk1MjQtOGM1NmQ4ZmUxN2I1
LzEvRkhTMl9HZTJ1UTJ6RWNZZndPT3B4MUtEUEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuX+0AwQA
uX+3MA0GCSqGSIb3DQEBCwUAA4IBAQCYrfVX43k3PR+0lJtXSKV9lm0xm558lJFR
q1nyUXV7YsX86vkjJQqx1mokdNfC9WyTnGl+RaWhe7kOITgSBWn9nO0QtLlGzNU2
saYpop24GybYXN1hVoUIG61AchzAf/hYLI9JEKnhhTo7Qpw59aa/hNB8L29DqY4j
pbt3+mJUDB2H20WtVkCSg7vFcqXbBg4STt5bMYeGb45wvdzi2aVkZSmQ6gVAdtys
3EGDmIFdIE4grFyiBSSznTtktWg/Bluje+1ynqpYH+Fgbo9cdPVV/2WWYVFu2G3F
QcADCpoXWefebV+JAcOg+mdROWewvyMKF55ez52EKKcBmixFAnQP
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:58 2024 by rpki-client on console-ams.rpki-client.org